New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
hide email addresses on the hats page when not logged in #854
Comments
I'm sorry to hear that, @zg. This sounds good to me. What do you say, @pushcx ? I suppose my question is whether you think it is useful to display the |
It's convenient to give a method of contact, as hats are for speaking officially on behalf of a project, so I'd like to keep that display for logged-in users. But yeah, let's not display them publicly. |
Another option is to use web-pages in place of email addresses. I believe when the feature was originally implemented by |
How would that work in the context of someone who has a hat designating that they're an employee for a large corporation, e.g. Apple? |
This hides hats on user pages unless the user is logged in. This change is to prevent scraping of the user pages and spam going to those users with hats listed. Issue: lobsters#854
This checks that a user is logged in before showing the hat's link on the hat index page. This change is needed because a malicious anonymous user scraped the page and send a user spam based on the email found on it. Issue: lobsters#854
This checks that a user is logged in before showing the hat's link on the hat index page. This change is needed because a malicious anonymous user scraped the page and send a user spam based on the email found on it. Issue: lobsters#854
This checks that a user is logged in before showing the hat's link on the hat index page. This change is needed because a malicious anonymous user scraped the page and send a user spam based on the email found on it. Issue: lobsters#854
This checks that a user is logged in before showing the hat's link on the hat index page. This change is needed because a malicious anonymous user scraped the page and send a user spam based on the email found on it. Issue: lobsters#854
This checks that a user is logged in before showing the hat's email on the hat index page. This change is needed because a malicious anonymous user scraped the page and send a user spam based on the email found on it. This adds a few new tests around this functionality and handles the sanitization of the link field in the model. Issue: lobsters#854
This checks that a user is logged in before showing the hat's email on the hat index page. This change is needed because a malicious anonymous user scraped the page and send a user spam based on the email found on it. This adds a few new tests around this functionality and handles the sanitization of the link field in the model. Issue: lobsters#854
I'm one of the few users with a hat, and I received a spam email because someone scrapped the page.
One way to mitigate this is to require being logged in to view the sensitive contents of how users are validated.
The text was updated successfully, but these errors were encountered: